We live in an insecure world, especially when we consider the vast amounts of data we all create, store and transmit. The cloud has of course transformed how we approach the storage of information, but could this reliance on centralised cloud services put our data and personal security at risk?
The massive development of cloud-based storage services offers low cost and convenience to users and service providers alike. They support the social changes that have taken place where data needs to be accessed on the move from a wide range of devices.
The problem, as Professor Jon Crowcroft, a researcher at Cambridge University, points out in a recent article for the Royal Society is the centralised nature of data storage.
He observed: "Centralised systems give a specific point to attack for those who may want to access them illegally. Even if data is copied many times, if all the copies have the same flaw, they are all vulnerable. Just as a small gene pool places a population at risk from a change in the environment, such as a disease, the lack of variety in centralised storage systems places information at greater risk of theft."
The risk that your data could be open to when using the plethora of cloud-based services that have appeared is the issue that must be tackled. The level of access people are happy to give to their data is a question we have only just begun to respond to. How much privacy can we have and still gain the benefits that cloud storage, mobile communications and of course social media has given us all?
Safe as houses
Protecting access to locally stored data is clearly a first step to take. Here the use of encryption can be a robust way to protect your data. You can see the VP of Product Management at Ipswitch, Aaron Kelly's seven criteria for data encryption here, and how Mac owners can encrypt a partition on their hard drives.
The use of more advanced security that doesn't rely on passwords, which most people still don't use properly, is moving increasingly towards biometrics. Already you can buy notebook PCs with built-in fingerprint scanners. Lacie and IronKey will both sell you external portable storage devices that use your finger as a password.
Of course Apple has placed fingerprints front and centre, as its preferred security platform with Touch ID, but is this system as secure as it appears to be? Two years ago the hacker known as Starbug claimed to have bypassed Apple's sensor and gained access to an iPhone. Since then Apple has improved Touch ID, but as Marc Rogers, chief security researcher at Lookout Mobile Security told CNET: "I don't think people need to worry just yet, but there are distinct flaws that could lead to problems down the line."
With Apple Pay rolling out across the globe a level of caution should be exercised when relying on just touch as the only security when payments are being made. The chances of someone guessing your four-digit passcode are 1 in 10,000, which does dramatically fall if the person knows you. And the chances of someone having fingerprints close enough to yours to fool Touch ID is 1 in 50,000, so that's five times less likely than guessing a passcode. Unless you are very close friends with every retailer you frequent, using just your fingerprint as an authentication method should be secure enough.
The use of biometrics such as fingerprints looks set to become even more of a standard security method as we move into the future. The FIDO (Fast Identity Online) Alliance has launched a new standard, which it hopes will see the end of lengthy passwords to access secure services, and as a log on system for devices.
US-based Synaptics has unveiled one of the first solutions based on the standard called SecurePad, a 4mm by 10mm fingerprint scanner that can be embedded into laptop touchpads. And the Alliance has also just released details of its support for BLE (Low Energy Bluetooth) and NFC (Near Field Communication) offering more flexibility.
